Description

PostgreSQL, possibly 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 incorrectly provides the superuser password to scripts related to "graphical installers for Linux and Mac OS X," which has unspecified impact and attack vectors.

Remediation

References

CVE-2013-1903

Related Vulnerabilities

WordPress Plugin Ultimate Membership Pro SQL Injection (6.4)

Internet Information Services Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-1999-0874)

Atlassian Confluence CVE-2023-22503 Vulnerability (CVE-2023-22503)

PrestaShop Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-19124)

Apache Tomcat Other Vulnerability (CVE-2002-2007)

Severity

Critical

Classification

CVE-2013-1903 CWE-264

Tags

Missing Update Known Vulnerabilities